def _encrypt(self, plaintext, output): """Encrypt without FSM checks""" if output is None: ciphertext = create_string_buffer(len(plaintext)) else: ciphertext = output if _is_immutable(output): raise TypeError( "output must be a bytearray or a writeable memoryview") if len(plaintext) != len(output): raise ValueError( "output must have the same length as the input" " (%d bytes)" % len(plaintext)) result = _raw_chacha20_lib.chacha20_encrypt(self._state.get(), c_uint8_ptr(plaintext), c_uint8_ptr(ciphertext), c_size_t(len(plaintext))) if result: raise ValueError("Error %d while encrypting with ChaCha20" % result) if output is None: return get_raw_buffer(ciphertext) else: return None
def encrypt(self, plaintext, output=None): """Encrypt data with the key set at initialization. The data to encrypt can be broken up in two or more pieces and `encrypt` can be called multiple times. That is, the statement: >>> c.encrypt(a) + c.encrypt(b) is equivalent to: >>> c.encrypt(a+b) This function does not add any padding to the plaintext. :Parameters: plaintext : bytes/bytearray/memoryview The piece of data to encrypt. The length must be multiple of the cipher block length. :Keywords: output : bytearray/memoryview The location where the ciphertext must be written to. If ``None``, the ciphertext is returned. :Return: If ``output`` is ``None``, the ciphertext is returned as ``bytes``. Otherwise, ``None``. """ if output is None: ciphertext = create_string_buffer(len(plaintext)) else: ciphertext = output if _is_immutable(output): raise TypeError("output must be a bytearray or a writeable memoryview") if len(plaintext) != len(output): raise ValueError("output must have the same length as the input" " (%d bytes)" % len(plaintext)) result = raw_ecb_lib.ECB_encrypt(self._state.get(), c_uint8_ptr(plaintext), c_uint8_ptr(ciphertext), c_size_t(len(plaintext))) if result: if result == 3: raise ValueError("Data must be aligned to block boundary in ECB mode") raise ValueError("Error %d while encrypting in ECB mode" % result) if output is None: return get_raw_buffer(ciphertext) else: return None
def strxor_c(term, c, output=None): """XOR a byte string with a repeated sequence of characters. Args: term(bytes/bytearray/memoryview): The first term of the XOR operation. c (bytes): The byte that makes up the second term of the XOR operation. output (None or bytearray/memoryview): If not ``None``, the location where the result is stored into. Return: If ``output`` is ``None``, a new ``bytes`` string with the result. Otherwise ``None``. """ if not 0 <= c < 256: raise ValueError("c must be in range(256)") if output is None: result = create_string_buffer(len(term)) else: # Note: output may overlap with either input result = output if _is_immutable(output): raise TypeError("output must be a bytearray or a writeable memoryview") if len(term) != len(output): raise ValueError("output must have the same length as the input" " (%d bytes)" % len(term)) _raw_strxor.strxor_c(c_uint8_ptr(term), c, c_uint8_ptr(result), c_size_t(len(term)) ) if output is None: return get_raw_buffer(result) else: return None
def strxor(term1, term2, output=None): """XOR two byte strings. Args: term1 (bytes/bytearray/memoryview): The first term of the XOR operation. term2 (bytes/bytearray/memoryview): The second term of the XOR operation. output (bytearray/memoryview): The location where the result must be written to. If ``None``, the result is returned. :Return: If ``output`` is ``None``, a new ``bytes`` string with the result. Otherwise ``None``. """ if len(term1) != len(term2): raise ValueError("Only byte strings of equal length can be xored") if output is None: result = create_string_buffer(len(term1)) else: # Note: output may overlap with either input result = output if _is_immutable(output): raise TypeError("output must be a bytearray or a writeable memoryview") if len(term1) != len(output): raise ValueError("output must have the same length as the input" " (%d bytes)" % len(term1)) _raw_strxor.strxor(c_uint8_ptr(term1), c_uint8_ptr(term2), c_uint8_ptr(result), c_size_t(len(term1))) if output is None: return get_raw_buffer(result) else: return None
def encrypt(self, plaintext, output=None): """Encrypt a piece of data. Args: plaintext(bytes/bytearray/memoryview): The data to encrypt, of any size. Keyword Args: output(bytes/bytearray/memoryview): The location where the ciphertext is written to. If ``None``, the ciphertext is returned. Returns: If ``output`` is ``None``, the ciphertext is returned as ``bytes``. Otherwise, ``None``. """ if output is None: ciphertext = create_string_buffer(len(plaintext)) else: ciphertext = output if _is_immutable(output): raise TypeError( "output must be a bytearray or a writeable memoryview") if len(plaintext) != len(output): raise ValueError( "output must have the same length as the input" " (%d bytes)" % len(plaintext)) result = _raw_salsa20_lib.Salsa20_stream_encrypt( self._state.get(), c_uint8_ptr(plaintext), c_uint8_ptr(ciphertext), c_size_t(len(plaintext))) if result: raise ValueError("Error %d while encrypting with Salsa20" % result) if output is None: return get_raw_buffer(ciphertext) else: return None
def decrypt(self, ciphertext, output=None): """Decrypt data with the key and the parameters set at initialization. A cipher object is stateful: once you have decrypted a message you cannot decrypt (or encrypt) another message with the same object. The data to decrypt can be broken up in two or more pieces and `decrypt` can be called multiple times. That is, the statement: >>> c.decrypt(a) + c.decrypt(b) is equivalent to: >>> c.decrypt(a+b) This function does not remove any padding from the plaintext. :Parameters: ciphertext : bytes/bytearray/memoryview The piece of data to decrypt. It can be of any length. :Keywords: output : bytearray/memoryview The location where the plaintext must be written to. If ``None``, the plaintext is returned. :Return: If ``output`` is ``None``, the plaintext is returned as ``bytes``. Otherwise, ``None``. """ if self.decrypt not in self._next: raise TypeError("decrypt() cannot be called after encrypt()") self._next = [self.decrypt] if output is None: plaintext = create_string_buffer(len(ciphertext)) else: plaintext = output if _is_immutable(output): raise TypeError( "output must be a bytearray or a writeable memoryview") if len(ciphertext) != len(output): raise ValueError( "output must have the same length as the input" " (%d bytes)" % len(plaintext)) result = raw_ctr_lib.CTR_decrypt(self._state.get(), c_uint8_ptr(ciphertext), c_uint8_ptr(plaintext), c_size_t(len(ciphertext))) if result: if result == 0x60002: raise OverflowError("The counter has wrapped around in" " CTR mode") raise ValueError("Error %X while decrypting in CTR mode" % result) if output is None: return get_raw_buffer(plaintext) else: return None
def encrypt(self, plaintext, output=None): """Encrypt data with the key and the parameters set at initialization. A cipher object is stateful: once you have encrypted a message you cannot encrypt (or decrypt) another message using the same object. The data to encrypt can be broken up in two or more pieces and `encrypt` can be called multiple times. That is, the statement: >>> c.encrypt(a) + c.encrypt(b) is equivalent to: >>> c.encrypt(a+b) That also means that you cannot reuse an object for encrypting or decrypting other data with the same key. This function does not add any padding to the plaintext. :Parameters: plaintext : bytes/bytearray/memoryview The piece of data to encrypt. Its lenght must be multiple of the cipher block size. :Keywords: output : bytearray/memoryview The location where the ciphertext must be written to. If ``None``, the ciphertext is returned. :Return: If ``output`` is ``None``, the ciphertext is returned as ``bytes``. Otherwise, ``None``. """ if self.encrypt not in self._next: raise TypeError("encrypt() cannot be called after decrypt()") self._next = [ self.encrypt ] if output is None: ciphertext = create_string_buffer(len(plaintext)) else: ciphertext = output if _is_immutable(output): raise TypeError("output must be a bytearray or a writeable memoryview") if len(plaintext) != len(output): raise ValueError("output must have the same length as the input" " (%d bytes)" % len(plaintext)) result = raw_cbc_lib.CBC_encrypt(self._state.get(), c_uint8_ptr(plaintext), c_uint8_ptr(ciphertext), c_size_t(len(plaintext))) if result: if result == 3: raise ValueError("Data must be padded to %d byte boundary in CBC mode" % self.block_size) raise ValueError("Error %d while encrypting in CBC mode" % result) if output is None: return get_raw_buffer(ciphertext) else: return None